53
Dropping Cellular for VoIP? Daily Phone use.
(lemmy.ml)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 19 Sep 2024
53 points (96.5% liked)
Privacy
31258 readers
492 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 4 years ago
MODERATORS
Cons:
You absolutely cannot get 2FA authenticator codes from 90% of services. Many services that require a phone number even without 2FA just for "verify you're a human" or because they want your data or to verify region use shortcode services that also will not work with ANY VOIP provider.
You will not receive their codes. These companies vary from banking institutions to gaming companies to online shopping marketplaces and stores to a Google account (used to be you could get an automated phone call to verify an account, not anymore, must be able to receive SMS from shortcodes that are disabled for VOIP numbers to register and to recover an account) just about anyone you could end up doing business with.
A shockingly large amount of companies demand phone numbers and send verification texts before allowing you to do business with them, to create an account, to recover an account, to delete an account, to place an order, etc.
They really shouldn't, it's a bad security practice but companies love it because with a phone number they can lower support costs by just allowing people to do a self-service where they get an automated text and can unlock their locked account. They also love harvesting that data and preventing anonymization with VOIP numbers and the reduction of fraud and increase of reliable KYC that comes with requiring them.
And they all take it as a given that EVERYONE or at least 99% have a cell plan with a non-VOIP number that works with these and the 1% who don't they don't care about in the developed world and are an acceptable loss.
90% of American commercial services that is.
Online services or many/most European services have more proper 2FA (TOTP, app-based, card reader OTP, etc...)
Can you name me an EU bank that doesn't demand a phone number to signup?
Unfortunately, PSD2 doesn't support TOTP and other strong 2FA solutions, so they all appear to require phone numbers. This is one area where EU is worse than US
That is a completely separate issue from the above commenter.
Also an issue, but indeed a separate issue from using unsecure SMS as TOTP.
I don't follow. Banks are required to use insecure SMS for OTPs by PSD2